//package cn.skycity.framework.service.config;
//
//import cn.skycity.framework.core.config.IgnoreProperties;
//import jakarta.annotation.Resource;
//import org.springframework.boot.context.properties.EnableConfigurationProperties;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.core.Ordered;
//import org.springframework.core.annotation.Order;
//import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
//import org.springframework.security.web.SecurityFilterChain;
//import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
//
//import java.util.List;
//
///**
// * @Author: liguang8
// * @Date: 2023-08-18
// * @Version: 2.0
// */
//@Configuration
//@EnableWebSecurity
//@EnableMethodSecurity //启用方法级的权限认证
//@EnableConfigurationProperties(IgnoreProperties.class)
//public class ResourceServerAutoConfiguration {
//
//    private OAuth2AuthorizationService oAuth2AuthorizationService
//    @Resource
//    private IgnoreProperties ignoreProperties;
//    @Resource
//    private OpaqueTokenIntrospector opaqueTokenIntrospector;
//
//    @Bean
//    @Order(Ordered.HIGHEST_PRECEDENCE)
//    public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http)
//            throws Exception {
//        List<String> urls = ignoreProperties.getUrls();
//
//        List<AntPathRequestMatcher> ants = urls.stream().map(AntPathRequestMatcher::new).toList();
//        AntPathRequestMatcher[] array = ants.toArray(new AntPathRequestMatcher[0]);
//
//        http.authorizeHttpRequests(requestMatcherRegistry -> {
//            requestMatcherRegistry.requestMatchers(array).permitAll();
//            requestMatcherRegistry.anyRequest().authenticated();
//        });
//        // 添加BearerTokenAuthenticationFilter，将认证服务当做一个资源服务，解析请求头中的token
//        http.oauth2ResourceServer((resourceServer) -> resourceServer
//                        .opaqueToken( opaqueTokenConfigurer -> opaqueTokenConfigurer.introspector(opaqueTokenIntrospector))
////                        .accessDeniedHandler(new CustomAccessDeniedHandler())
////                        .authenticationEntryPoint(new AuthExceptionEntryPoint())
//                )
//                .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
//                .csrf(AbstractHttpConfigurer::disable);
//        return http.build();
//    }
//
//}
